Net::LDAP::Constant - Constants for use with Net::LDAP

  1. SYNOPSIS
  2. DESCRIPTION
    1. Protocol Constants
    2. Control OIDs
    3. Control constants
    4. Extension OIDs
    5. Feature OIDs
    6. Active Directory Capability OIDs
  3. SEE ALSO
  4. AUTHOR
  5. COPYRIGHT

SYNOPSIS

use Net::LDAP qw(LDAP_SUCCESS LDAP_PROTOCOL_ERROR);

DESCRIPTION

Net::LDAP::Constant exports constants, technically: constant subroutines, for the LDAP status codes and OIDs listed in the sections below.

In addition to exporting individual constants, the following tags can be used to export groups of constants.

:all

Export all constants known to Net::LDAP::Constant.

:codes

Export all LDAP status codes mentioned in the section "Protocol Constants".

:controls

Export all LDAP_CONTROL_* constants.

:extensions

Export all LDAP_EXTENSION_* constants.

:features

Export all LDAP_FEATURE_* constants.

:capabilities

Export all LDAP_CAP_* constants.

Protocol Constants

LDAP_SUCCESS (0)

Operation completed without error

LDAP_OPERATIONS_ERROR (1)

Server encountered an internal error

LDAP_PROTOCOL_ERROR (2)

Unrecognized version number or incorrect PDU structure

LDAP_TIMELIMIT_EXCEEDED (3)

The time limit on a search operation has been exceeded

LDAP_SIZELIMIT_EXCEEDED (4)

The maximum number of search results to return has been exceeded.

LDAP_COMPARE_FALSE (5)

This code is returned when a compare request completes and the attribute value given is not in the entry specified

LDAP_COMPARE_TRUE (6)

This code is returned when a compare request completes and the attribute value given is in the entry specified

LDAP_AUTH_METHOD_NOT_SUPPORTED (7)

Unrecognized SASL mechanism name

LDAP_STRONG_AUTH_NOT_SUPPORTED (7)

Unrecognized SASL mechanism name

LDAP_STRONG_AUTH_REQUIRED (8)

The server requires authentication be performed with a SASL mechanism

LDAP_PARTIAL_RESULTS (9)

Returned to version 2 clients when a referral is returned. The response will contain a list of URLs for other servers.

LDAP_REFERRAL (10)

The server is referring the client to another server. The response will contain a list of URLs

LDAP_ADMIN_LIMIT_EXCEEDED (11)

The server has exceed the maximum number of entries to search while gathering a list of search result candidates

LDAP_UNAVAILABLE_CRITICAL_EXT (12)

A control or matching rule specified in the request is not supported by the server

LDAP_CONFIDENTIALITY_REQUIRED (13)

This result code is returned when confidentiality is required to perform a given operation

LDAP_SASL_BIND_IN_PROGRESS (14)

The server requires the client to send a new bind request, with the same SASL mechanism, to continue the authentication process

LDAP_NO_SUCH_ATTRIBUTE (16)

The request referenced an attribute that does not exist

LDAP_UNDEFINED_TYPE (17)

The request contains an undefined attribute type

LDAP_INAPPROPRIATE_MATCHING (18)

An extensible matching rule in the given filter does not apply to the specified attribute

LDAP_CONSTRAINT_VIOLATION (19)

The request contains a value which does not meet with certain constraints. This result can be returned as a consequence of

  • The request was to add or modify a user password, and the password fails to meet the criteria the server is configured to check. This could be that the password is too short, or a recognizable word (e.g. it matches one of the attributes in the users entry) or it matches a previous password used by the same user.

  • The request is a bind request to a user account that has been locked

LDAP_TYPE_OR_VALUE_EXISTS (20)

The request attempted to add an attribute type or value that already exists

LDAP_INVALID_SYNTAX (21)

Some part of the request contained an invalid syntax. It could be a search with an invalid filter or a request to modify the schema and the given schema has a bad syntax.

LDAP_NO_SUCH_OBJECT (32)

The server cannot find an object specified in the request

LDAP_ALIAS_PROBLEM (33)

Server encountered a problem while attempting to dereference an alias

LDAP_INVALID_DN_SYNTAX (34)

The request contained an invalid DN

LDAP_IS_LEAF (35)

The specified entry is a leaf entry

LDAP_ALIAS_DEREF_PROBLEM (36)

Server encountered a problem while attempting to dereference an alias

LDAP_PROXY_AUTHZ_FAILURE (47)

The user bound is not authorized to assume the requested identity.

LDAP_INAPPROPRIATE_AUTH (48)

The server requires the client which had attempted to bind anonymously or without supplying credentials to provide some form of credentials

LDAP_INVALID_CREDENTIALS (49)

The wrong password was supplied or the SASL credentials could not be processed

LDAP_INSUFFICIENT_ACCESS (50)

The client does not have sufficient access to perform the requested operation

LDAP_BUSY (51)

The server is too busy to perform requested operation

LDAP_UNAVAILABLE (52)

The server in unavailable to perform the request, or the server is shutting down

LDAP_UNWILLING_TO_PERFORM (53)

The server is unwilling to perform the requested operation

LDAP_LOOP_DETECT (54)

The server was unable to perform the request due to an internal loop detected

LDAP_SORT_CONTROL_MISSING (60)

The search contained a "virtual list view" control, but not a server-side sorting control, which is required when a "virtual list view" is given.

LDAP_INDEX_RANGE_ERROR (61)

The search contained a control for a "virtual list view" and the results exceeded the range specified by the requested offsets.

LDAP_NAMING_VIOLATION (64)

The request violates the structure of the DIT

LDAP_OBJECT_CLASS_VIOLATION (65)

The request specifies a change to an existing entry or the addition of a new entry that does not comply with the servers schema

LDAP_NOT_ALLOWED_ON_NONLEAF (66)

The requested operation is not allowed on an entry that has child entries

LDAP_NOT_ALLOWED_ON_RDN (67)

The requested operation ill affect the RDN of the entry

LDAP_ALREADY_EXISTS (68)

The client attempted to add an entry that already exists. This can occur as a result of

  • An add request was submitted with a DN that already exists

  • A modify DN requested was submitted, where the requested new DN already exists

  • The request is adding an attribute to the schema and an attribute with the given OID or name already exists

LDAP_NO_OBJECT_CLASS_MODS (69)

Request attempt to modify the object class of an entry that should not be modified

LDAP_RESULTS_TOO_LARGE (70)

The results of the request are to large

LDAP_AFFECTS_MULTIPLE_DSAS (71)

The requested operation needs to be performed on multiple servers where the requested operation is not permitted

LDAP_VLV_ERROR (76)

A VLV error has occurred

LDAP_OTHER (80)

An unknown error has occurred

LDAP_SERVER_DOWN (81)

Net::LDAP cannot establish a connection or the connection has been lost

LDAP_LOCAL_ERROR (82)

An error occurred in Net::LDAP

LDAP_ENCODING_ERROR (83)

Net::LDAP encountered an error while encoding the request packet that would have been sent to the server

LDAP_DECODING_ERROR (84)

Net::LDAP encountered an error while decoding a response packet from the server.

LDAP_TIMEOUT (85)

Net::LDAP timeout while waiting for a response from the server

LDAP_AUTH_UNKNOWN (86)

The method of authentication requested in a bind request is unknown to the server

LDAP_FILTER_ERROR (87)

An error occurred while encoding the given search filter.

LDAP_USER_CANCELED (88)

The user canceled the operation

LDAP_PARAM_ERROR (89)

An invalid parameter was specified

LDAP_NO_MEMORY (90)

Out of memory error

LDAP_CONNECT_ERROR (91)

A connection to the server could not be established

LDAP_NOT_SUPPORTED (92)

An attempt has been made to use a feature not supported by Net::LDAP

LDAP_CONTROL_NOT_FOUND (93)

The controls required to perform the requested operation were not found.

LDAP_NO_RESULTS_RETURNED (94)

No results were returned from the server.

LDAP_MORE_RESULTS_TO_RETURN (95)

There are more results in the chain of results.

LDAP_CLIENT_LOOP (96)

A loop has been detected. For example when following referrals.

LDAP_REFERRAL_LIMIT_EXCEEDED (97)

The referral hop limit has been exceeded.

LDAP_CANCELED (118)

Operation was canceled

LDAP_NO_SUCH_OPERATION (119)

Server has no knowledge of the operation requested for cancellation

LDAP_TOO_LATE (120)

Too late to cancel the outstanding operation

LDAP_CANNOT_CANCEL (121)

The identified operation does not support cancellation or the cancel operation cannot be performed

LDAP_ASSERTION_FAILED (122)

An assertion control given in the LDAP operation evaluated to false causing the operation to not be performed.

LDAP_SYNC_REFRESH_REQUIRED (4096)

Refresh Required.

Control OIDs

Control OIDs identify LDAP Controls.

By announcing the respective OIDs in the operational attribute supportedControls of the Root DSE an LDAP server indicates which LDAP Controls it supports.

LDAP_CONTROL_SORTREQUEST (1.2.840.113556.1.4.473)

See Net::LDAP::Control::Sort.

LDAP_CONTROL_SORTRESULT (1.2.840.113556.1.4.474)
LDAP_CONTROL_SORTRESPONSE (1.2.840.113556.1.4.474)

See Net::LDAP::Control::SortResult.

LDAP_CONTROL_VLVREQUEST (2.16.840.1.113730.3.4.9)

See Net::LDAP::Control::VLV.

LDAP_CONTROL_VLVRESPONSE (2.16.840.1.113730.3.4.10)

See Net::LDAP::Control::VLVResponse.

LDAP_CONTROL_PROXYAUTHORIZATION (2.16.840.1.113730.3.4.18)
LDAP_CONTROL_PROXYAUTHENTICATION (2.16.840.1.113730.3.4.18)

See Net::LDAP::Control::ProxyAuth.

LDAP_CONTROL_PAGED (1.2.840.113556.1.4.319)

See Net::LDAP::Control::Paged.

LDAP_CONTROL_TREE_DELETE (1.2.840.113556.1.4.805)

See Net::LDAP::Control::TreeDelete.

LDAP_CONTROL_MATCHEDVALS (1.2.826.0.1.3344810.2.2)

Outdated OID mentioned in predecessors to RFC 3876. Superseded by LDAP_CONTROL_MATCHEDVALUES.

LDAP_CONTROL_MATCHEDVALUES (1.2.826.0.1.3344810.2.3)

See Net::LDAP::Control::MatchedValues.

LDAP_CONTROL_MANAGEDSAIT (2.16.840.1.113730.3.4.2)

See Net::LDAP::Control::ManageDsaIT.

LDAP_CONTROL_PERSISTENTSEARCH (2.16.840.1.113730.3.4.3)

See Net::LDAP::Control::PersistentSearch.

LDAP_CONTROL_ENTRYCHANGE (2.16.840.1.113730.3.4.7)

See Net::LDAP::Control::EntryChange.

LDAP_CONTROL_PWEXPIRED (2.16.840.1.113730.3.4.4)
LDAP_CONTROL_PWEXPIRING (2.16.840.1.113730.3.4.5)
LDAP_CONTROL_REFERRALS (1.2.840.113556.1.4.616)
LDAP_CONTROL_RELAX (1.3.6.1.4.1.4203.666.5.12)

See Net::LDAP::Control::Relax.

LDAP_CONTROL_PASSWORDPOLICY (1.3.6.1.4.1.42.2.27.8.5.1)

See Net::LDAP::Control::PasswordPolicy.

LDAP_CONTROL_PERMISSIVEMODIFY (1.2.840.113556.1.4.1413)
LDAP_CONTROL_PREREAD (1.3.6.1.1.13.1)

See Net::LDAP::Control::PreRead.

LDAP_CONTROL_POSTREAD (1.3.6.1.1.13.2)

See Net::LDAP::Control::PostRead.

LDAP_CONTROL_ASSERTION (1.3.6.1.1.12)

See Net::LDAP::Control::Assertion.

LDAP_CONTROL_DONTUSECOPY (1.3.6.1.1.22)

See Net::LDAP::Control::DontUseCopy.

LDAP_CONTROL_NOOP (1.3.6.1.4.1.4203.666.5.2)

See Net::LDAP::Control::NoOp.

LDAP_CONTROL_SUBENTRIES (1.3.6.1.4.1.4203.1.10.1)

See Net::LDAP::Control::Subentries.

LDAP_CONTROL_SYNC (1.3.6.1.4.1.4203.1.9.1.1)

See Net::LDAP::Control::SyncRequest.

LDAP_CONTROL_SYNC_STATE (1.3.6.1.4.1.4203.1.9.1.2)

See Net::LDAP::Control::SyncState.

LDAP_CONTROL_SYNC_DONE (1.3.6.1.4.1.4203.1.9.1.3)

See Net::LDAP::Control::SyncDone.

LDAP_SYNC_INFO (1.3.6.1.4.1.4203.1.9.1.4)

Control constants

LDAP_PP_PASSWORD_EXPIRED (0) [LDAP_CONTROL_PASSWORDPOLICY]

The account's password has expired.

LDAP_PP_ACCOUNT_LOCKED (1) [LDAP_CONTROL_PASSWORDPOLICY]

The account is locked.

LDAP_PP_CHANGE_AFTER_RESET (2) [LDAP_CONTROL_PASSWORDPOLICY]

The account's password has been reset and now must be changed.

LDAP_PP_PASSWORD_MOD_NOT_ALLOWED (3) [LDAP_CONTROL_PASSWORDPOLICY]

The account's password may not be modified.

LDAP_PP_MUST_SUPPLY_OLD_PASSWORD (4) [LDAP_CONTROL_PASSWORDPOLICY]

The old password must also be supplied when setting a new password.

LDAP_PP_INSUFFICIENT_PASSWORD_QUALITY (5) [LDAP_CONTROL_PASSWORDPOLICY]

The new password was not of sufficient quality.

LDAP_PP_PASSWORD_TOO_SHORT (6) [LDAP_CONTROL_PASSWORDPOLICY]

The new password was too short.

LDAP_PP_PASSWORD_TOO_YOUNG (7) [LDAP_CONTROL_PASSWORDPOLICY]

The previous password was changed too recently.

LDAP_PP_PASSWORD_IN_HISTORY (8) [LDAP_CONTROL_PASSWORDPOLICY]

The new password was used too recently.

LDAP_SYNC_NONE (0) [LDAP_CONTROL_SYNC]
LDAP_SYNC_REFRESH_ONLY (1) [LDAP_CONTROL_SYNC]
LDAP_SYNC_RESERVED (2) [LDAP_CONTROL_SYNC]
LDAP_SYNC_REFRESH_AND_PERSIST (3) [LDAP_CONTROL_SYNC]
LDAP_SYNC_REFRESH_PRESENTS (0) [LDAP_SYNC_INFO]
LDAP_SYNC_REFRESH_DELETES (1) [LDAP_SYNC_INFO]
LDAP_TAG_SYNC_REFRESH_DELETE (0xa1) [LDAP_SYNC_INFO]
LDAP_TAG_SYNC_REFRESH_PRESENT (0xa2) [LDAP_SYNC_INFO]
LDAP_TAG_SYNC_ID_SET (0xa3) [LDAP_SYNC_INFO]
LDAP_TAG_REFRESHDELETES (0x01) [LDAP_SYNC_INFO]
LDAP_TAG_REFRESHDONE (0x01) [LDAP_SYNC_INFO]
LDAP_TAG_RELOAD_HINT (0x01) [LDAP_CONTROL_SYNC]
LDAP_SYNC_PRESENT (0) [LDAP_CONTROL_SYNC_STATE]
LDAP_SYNC_ADD (1) [LDAP_CONTROL_SYNC_STATE]
LDAP_SYNC_MODIFY (2) [LDAP_CONTROL_SYNC_STATE]
LDAP_SYNC_DELETE (3) [LDAP_CONTROL_SYNC_STATE]

Active Directory Control OIDs

See section LDAP Extended Controls in https://winprotocoldoc.blob.core.windows.net/productionwindowsarchives/MS-ADTS/[MS-ADTS].pdf.

LDAP_CONTROL_SHOW_DELETED (1.2.840.113556.1.4.417)
LDAP_CONTROL_CROSSDOMAIN_MOVE (1.2.840.113556.1.4.521)
LDAP_CONTROL_SERVER_NOTIFICATION (1.2.840.113556.1.4.528)
LDAP_CONTROL_EXTENDED_DN (1.2.840.113556.1.4.529)
LDAP_CONTROL_LAZY_COMMIT (1.2.840.113556.1.4.619)
LDAP_CONTROL_SD_FLAGS (1.2.840.113556.1.4.801)
LDAP_CONTROL_RANGE_OPTION (1.2.840.113556.1.4.802)
LDAP_CONTROL_DIRSYNC (1.2.840.113556.1.4.841)
LDAP_CONTROL_GET_STATS (1.2.840.113556.1.4.970)
LDAP_CONTROL_VERIFY_NAME (1.2.840.113556.1.4.1338)
LDAP_CONTROL_DOMAIN_SCOPE (1.2.840.113556.1.4.1339)
LDAP_CONTROL_SEARCH_OPTIONS (1.2.840.113556.1.4.1340)
LDAP_CONTROL_RODC_DCPROMO (1.2.840.113556.1.4.1341)
LDAP_CONTROL_ASQ (1.2.840.113556.1.4.1504)
LDAP_CONTROL_QUOTA_CONTROL (1.2.840.113556.1.4.1852)
LDAP_CONTROL_SHUTDOWN_NOTIFY (1.2.840.113556.1.4.1907)
LDAP_CONTROL_RANGE_RETRIEVAL_NOERR (1.2.840.113556.1.4.1948)
LDAP_CONTROL_FORCE_UPDATE (1.2.840.113556.1.4.1974)
LDAP_CONTROL_DN_INPUT (1.2.840.113556.1.4.2026)
LDAP_CONTROL_SHOW_RECYCLED (1.2.840.113556.1.4.2064)
LDAP_CONTROL_POLICY_HINTS_DEPRECATED (1.2.840.113556.1.4.2066)
LDAP_CONTROL_DIRSYNC_EX (1.2.840.113556.1.4.2090)
LDAP_CONTROL_TREE_DELETE_EX (1.2.840.113556.1.4.2204)
LDAP_CONTROL_UPDATE_STATS (1.2.840.113556.1.4.2205)
LDAP_CONTROL_SEARCH_HINTS (1.2.840.113556.1.4.2206)
LDAP_CONTROL_EXPECTED_ENTRY_COUNT (1.2.840.113556.1.4.2211)
LDAP_CONTROL_POLICY_HINTS (1.2.840.113556.1.4.2239)
LDAP_CONTROL_SET_OWNER (1.2.840.113556.1.4.2255)
LDAP_CONTROL_BYPASS_QUOTA (1.2.840.113556.1.4.2256)
LDAP_CONTROL_SET_CORRELATION_ID (1.2.840.113556.1.4.2330)
LDAP_CONTROL_THREAD_TRACE_OVERRIDE (1.2.840.113556.1.4.2354)

Extension OIDs

Extension OIDs identify LDAP Extended operations.

By announcing the respective OIDs in the operational attribute supportedExtension of the Root DSE an LDAP server indicates which LDAP Extended operations it supports.

LDAP_NOTICE_OF_DISCONNECTION (1.3.6.1.4.1.1466.20036)

Indicates that the server is about to close the connection due to an error (RFC 4511).

LDAP_EXTENSION_START_TLS (1.3.6.1.4.1.1466.20037)

Indicates if the server supports the Start TLS extension (RFC 4513). See "start_tls" in Net::LDAP.

LDAP_EXTENSION_PASSWORD_MODIFY (1.3.6.1.4.1.4203.1.11.1)

Indicates that the server supports the Password Modify extension (RFC 3062). See Net::LDAP::Extension::SetPassword.

LDAP_EXTENSION_WHO_AM_I (1.3.6.1.4.1.4203.1.11.3)

Indicates that the server supports the "Who am I?" extension (RFC 4532). See Net::LDAP::Extension::WhoAmI.

LDAP_EXTENSION_REFRESH (1.3.6.1.4.1.1466.101.119.1)

Indicates that the server supports the Refresh extension (RFC 2589). See Net::LDAP::Extension::Refresh.

LDAP_EXTENSION_CANCEL (1.3.6.1.1.8)

Indicates the server supports the Cancel extension (RFC 3909). See Net::LDAP::Extension::Cancel.

Active Directory Extension OIDs

See section LDAP Extended Operations in https://winprotocoldoc.blob.core.windows.net/productionwindowsarchives/MS-ADTS/[MS-ADTS].pdf.

LDAP_EXTENSION_FAST_BIND (1.2.840.113556.1.4.1781)
LDAP_EXTENSION_BATCH_REQUEST (1.2.840.113556.1.4.2212)

Novell eDirectory Extension OIDs

LDAP_EXTENSION_NDSTOLDAP (2.16.840.1.113719.1.27.100.2)
LDAP_EXTENSION_SPLIT_PARTITION (2.16.840.1.113719.1.27.100.3)
LDAP_EXTENSION_MERGE_PARTITION (2.16.840.1.113719.1.27.100.5)
LDAP_EXTENSION_ADD_REPLICA (2.16.840.1.113719.1.27.100.7)
LDAP_EXTENSION_REFRESH_LDAP_SERVER (2.16.840.1.113719.1.27.100.9)
LDAP_EXTENSION_REMOVE_REPLICA (2.16.840.1.113719.1.27.100.11)
LDAP_EXTENSION_PARTITION_ENTRY_COUNT (2.16.840.1.113719.1.27.100.13)
LDAP_EXTENSION_CHANGE_REPLICA_TYPE (2.16.840.1.113719.1.27.100.15)
LDAP_EXTENSION_GET_REPLICA_INFO (2.16.840.1.113719.1.27.100.17)
LDAP_EXTENSION_LIST_REPLICAS (2.16.840.1.113719.1.27.100.19)
LDAP_EXTENSION_RECEIVE_ALL_UPDATES (2.16.840.1.113719.1.27.100.21)
LDAP_EXTENSION_SEND_ALL_UPDATES (2.16.840.1.113719.1.27.100.23)
LDAP_EXTENSION_REQUEST_PARTITIONSYNC (2.16.840.1.113719.1.27.100.25)
LDAP_EXTENSION_REQUEST_SCHEMASYNC (2.16.840.1.113719.1.27.100.27)
LDAP_EXTENSION_ABORT_PARTITION_OPERATION (2.16.840.1.113719.1.27.100.29)
LDAP_EXTENSION_GET_BINDDN (2.16.840.1.113719.1.27.100.31)
LDAP_EXTENSION_GET_EFFECTIVE_PRIVILEGES (2.16.840.1.113719.1.27.100.33)
LDAP_EXTENSION_SET_REPLICATION_FILTER (2.16.840.1.113719.1.27.100.35)
LDAP_EXTENSION_GET_REPLICATION_FILTER (2.16.840.1.113719.1.27.100.37)
LDAP_EXTENSION_CREATE_ORPHAN_PARTITION (2.16.840.1.113719.1.27.100.39)
LDAP_EXTENSION_REMOVE_ORPHAN_PARTITION (2.16.840.1.113719.1.27.100.41)
LDAP_EXTENSION_TRIGGER_BACKLINKER (2.16.840.1.113719.1.27.100.43)
LDAP_EXTENSION_TRIGGER_DRLPROCESS (2.16.840.1.113719.1.27.100.45)
LDAP_EXTENSION_TRIGGER_JANITOR (2.16.840.1.113719.1.27.100.47)
LDAP_EXTENSION_TRIGGER_LIMBER (2.16.840.1.113719.1.27.100.49)
LDAP_EXTENSION_TRIGGER_SKULKER (2.16.840.1.113719.1.27.100.51)
LDAP_EXTENSION_TRIGGER_SCHEMASYNC (2.16.840.1.113719.1.27.100.53)
LDAP_EXTENSION_TRIGGER_PARTITIONPURGE (2.16.840.1.113719.1.27.100.55)
LDAP_EXTENSION_MONITOR_EVENTS (2.16.840.1.113719.1.27.100.79)
LDAP_EXTENSION_EVENT_NOTIFICATION (2.16.840.1.113719.1.27.100.81)
LDAP_EXTENSION_FILTERED_EVENT_MONITOR (2.16.840.1.113719.1.27.100.84)
LDAP_EXTENSION_LDAPBACKUP (2.16.840.1.113719.1.27.100.96)
LDAP_EXTENSION_LDAPRESTORE (2.16.840.1.113719.1.27.100.98)
LDAP_EXTENSION_GET_EFFECTIVE_LIST_PRIVILEGES (2.16.840.1.113719.1.27.100.103)
LDAP_EXTENSION_CREATE_GROUPING (2.16.840.1.113719.1.27.103.1)
LDAP_EXTENSION_END_GROUPING (2.16.840.1.113719.1.27.103.2)
LDAP_EXTENSION_NMAS_PUT_LOGIN_CONFIGURATION (2.16.840.1.113719.1.39.42.100.1)
LDAP_EXTENSION_NMAS_GET_LOGIN_CONFIGURATION (2.16.840.1.113719.1.39.42.100.3)
LDAP_EXTENSION_NMAS_DELETE_LOGIN_CONFIGURATION (2.16.840.1.113719.1.39.42.100.5)
LDAP_EXTENSION_NMAS_PUT_LOGIN_SECRET (2.16.840.1.113719.1.39.42.100.7)
LDAP_EXTENSION_NMAS_DELETE_LOGIN_SECRET (2.16.840.1.113719.1.39.42.100.9)
LDAP_EXTENSION_NMAS_SET_PASSWORD (2.16.840.1.113719.1.39.42.100.11)
LDAP_EXTENSION_NMAS_GET_PASSWORD (2.16.840.1.113719.1.39.42.100.13)
LDAP_EXTENSION_NMAS_DELETE_PASSWORD (2.16.840.1.113719.1.39.42.100.15)
LDAP_EXTENSION_NMAS_PASSWORD_POLICYCHECK (2.16.840.1.113719.1.39.42.100.17)
LDAP_EXTENSION_NMAS_GET_PASSWORD_POLICY_INFO (2.16.840.1.113719.1.39.42.100.19)
LDAP_EXTENSION_NMAS_CHANGE_PASSWORD (2.16.840.1.113719.1.39.42.100.21)
LDAP_EXTENSION_NMAS_GAMS (2.16.840.1.113719.1.39.42.100.23)
LDAP_EXTENSION_NMAS_MANAGEMENT (2.16.840.1.113719.1.39.42.100.25)
LDAP_EXTENSION_START_FRAMED_PROTOCOL (2.16.840.1.113719.1.142.100.1)
LDAP_EXTENSION_END_FRAMED_PROTOCOL (2.16.840.1.113719.1.142.100.4)
LDAP_EXTENSION_LBURP_OPERATION (2.16.840.1.113719.1.142.100.6)

Feature OIDs

Feature OIDs identify LDAP features.

By announcing the respective OIDs in the operational attribute supportedFeature of the Root DSE an LDAP server indicates which LDAP features it supports.

LDAP_FEATURE_ALL_OPATTS (1.3.6.1.4.1.4203.1.5.1)

Indicates if the server allows + for returning all operational attributes (RFC 3673)

LDAP_FEATURE_OBJECTCLASS_ATTRS (1.3.6.1.4.1.4203.1.5.2)

Indicates that the server allows @objectclass for returning all attributes used to represent a particular class of object (RFC 4529)

LDAP_FEATURE_ABSOLUTE_FILTERS (1.3.6.1.4.1.4203.1.5.3)

Indicates that the server supports (&) for the absolute True filter, and (|) for the absolute False filter (RFC 4526).

LDAP_FEATURE_LANGUAGE_TAG_OPTIONS (1.3.6.1.4.1.4203.1.5.4)

Indicates the server supports language tag options of the form lang-language-tag with attributes (RFC 3866)

LDAP_FEATURE_LANGUAGE_RANGE_OPTIONS (1.3.6.1.4.1.4203.1.5.5)

Indicates that the server supports language tag range options (RFC 3866)

LDAP_FEATURE_MODIFY_INCREMENT (1.3.6.1.1.14)

Indicates if the server supports the Modify Increment extension (RFC 4525). See "modify" in Net::LDAP.

Active Directory Capability OIDs

The following constants are specific to Microsoft Active Directory. They serve to denote capabilities via the non-standard operational attribute supportedCapabilities in the Root DSE of an an LDAP server.

LDAP_CAP_ACTIVE_DIRECTORY (1.2.840.113556.1.4.800)

Indicates that the LDAP server is running Active Directory and is running as AD DS.

LDAP_CAP_ACTIVE_DIRECTORY_LDAP_INTEG (1.2.840.113556.1.4.1791)

Indicates that the LDAP server on the DC is capable of signing and sealing on an NTLM authenticated connection, and that the server is capable of performing subsequent binds on a signed or sealed connection.

LDAP_CAP_ACTIVE_DIRECTORY_V51 (1.2.840.113556.1.4.1670)

On an Active Directory DC operating as AD DS, the presence of this capability indicates that the LDAP server is running at least the Windows 2003.

On an Active Directory DC operating as AD LDS, the presence of this capability indicates that the LDAP server is running at least the Windows 2008.

LDAP_CAP_ACTIVE_DIRECTORY_ADAM (1.2.840.113556.1.4.1851)

Indicates that the LDAP server is running Active Directory as AD LDS.

LDAP_CAP_ACTIVE_DIRECTORY_ADAM_DIGEST (1.2.840.113556.1.4.1880)

Indicates on a DC operating as AD LDS, that the DC accepts DIGEST-MD5 binds for AD LDS security principals.

LDAP_CAP_ACTIVE_DIRECTORY_PARTIAL_SECRETS (1.2.840.113556.1.4.1920)

Indicates that the Active Directory DC operating as AD DS, is an RODC.

LDAP_CAP_ACTIVE_DIRECTORY_V60 (1.2.840.113556.1.4.1935)

Indicates that the LDAP server is running at least the Windows 2008.

LDAP_CAP_ACTIVE_DIRECTORY_V61_R2 (1.2.840.113556.1.4.2080)

Indicates that the LDAP server is running at least the Windows 2008 R2.

LDAP_CAP_ACTIVE_DIRECTORY_W8 (1.2.840.113556.1.4.2237)

Indicates that the LDAP server is running at least the Windows 2012.

SEE ALSO

Net::LDAP, Net::LDAP::Message

AUTHOR

Graham Barr <[email protected]>

Please report any bugs, or post any suggestions, to the perl-ldap mailing list <[email protected]>

Copyright (c) 1998-2009 Graham Barr. All rights reserved. This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.